Issue 771468 link

Starred by 1 user

Issue metadata

Status:	Fixed
Owner:	falken@chromium.org
Closed:	Oct 2017
Components:	Blink>ServiceWorker Internals>Services>Network
EstimatedDays:	----
NextAction:	----
OS:	----
Pri:	3
Type:	Bug

Proj-Servicification

Blocking:
issue 715640

S13nServiceWorker: claim-affect-other-registration.https.html is crashing

Project Member Reported by falken@chromium.org, Oct 4 2017

Issue description

When something gets claimed we send a SetController(nullptr) and then immediately after SetController(controller). ServiceWorkerProviderContext::SetController dies on the nullptr since it tries to dereference it.

Seems weird that we're sending both these IPCs, would ideally fix that.

Project Member

Comment 1 by bugdroid1@chromium.org, Oct 4 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6d404f3f0bd8ce50d9fb72aedcbb8dfd97e34fc9

commit 6d404f3f0bd8ce50d9fb72aedcbb8dfd97e34fc9
Author: Matt Falkenhagen <falken@chromium.org>
Date: Wed Oct 04 04:38:15 2017

S13nServiceWorker: Fix crash when controller is null.

The browser process sends a SetController IPC message with a null
controller in some cases. When claim() is used, it first sends
null and then sends the new controller. Teach the renderer to
handle the null case.

I think we could clean up the browser-side code to not send
this confusing IPC sequence but the cleanup would be easier
after PlzNavigate related code like cross-site transfer
is removed. Anyway, the renderer has to handle this
in certain cases like
ServiceWorkerProviderHost::NotifyControllerLost() which
is called when there is a fatal error.

Bug:  771468 
Change-Id: I7cb2ba80a3ffa19b7068067023c2455a17dab2c2
Reviewed-on: https://chromium-review.googlesource.com/700114
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Matt Falkenhagen <falken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#506300}
[modify] https://crrev.com/6d404f3f0bd8ce50d9fb72aedcbb8dfd97e34fc9/content/browser/service_worker/service_worker_provider_host.cc
[modify] https://crrev.com/6d404f3f0bd8ce50d9fb72aedcbb8dfd97e34fc9/content/browser/service_worker/service_worker_provider_host.h
[modify] https://crrev.com/6d404f3f0bd8ce50d9fb72aedcbb8dfd97e34fc9/content/child/service_worker/service_worker_provider_context.cc
[modify] https://crrev.com/6d404f3f0bd8ce50d9fb72aedcbb8dfd97e34fc9/third_party/WebKit/LayoutTests/FlagExpectations/enable-features=NetworkService

Comment 2 by falken@chromium.org, Oct 4 2017

Status: Fixed (was: Started)

Comment 3 by laforge@google.com, Nov 7 2017

Components: Internals>Network>Service

Comment 4 by laforge@google.com, Nov 7 2017

Components: -Internals>Network>Service Internals>Services>Network

Apologies, applied the wrong component in bulk.

►

Issue 771468 link

Issue metadata

S13nServiceWorker: claim-affect-other-registration.https.html is crashing

Issue description

Comment 1 by bugdroid1@chromium.org, Oct 4 2017

Comment 1 Deleted

Comment 2 by falken@chromium.org, Oct 4 2017

Comment 2 Deleted

Comment 3 by laforge@google.com, Nov 7 2017

Comment 3 Deleted

Comment 4 by laforge@google.com, Nov 7 2017

Comment 4 Deleted

Sign in to add a comment